Previous commit isn't going to work: read wasn't defined. Code
provided was from here:
https://packaging.python.org/guides/single-sourcing-package-version/
and is a little more complicated than is ideal. It'll also match
comment lines if they exist. Single-sourcing version number isn't
necessary for this pull request, but if I was going to do it, I'd
probably add a VERSION file and have tuf/__init__.py and setup.py
each read that in. There could be problems with that, too. I'm
going to punt on this and keep the version in two places and we
can fix that less urgently. (Also, the user agent reporting a
version seems less critical in any case than the rest of the PR.)
Version info will now be in two locations and require update in
tandem.
Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
Potential slow retrieval errors are raised for safe downloads (strict check on file size) and not for unsafe (a file size less than an upper limit). Slow retrieval errors should always be prevented
Reject downloaded metadata as early as possible. The top-level roles were all downloaded as a group and then their
expiration inspected. All metadata provided by a mirror that has already expired is discarded immediately and the next mirror tried. The update process stops if a requested role cannot be successfully validated, or one of its parents.
[2014-04-29 02:00:32,308 UTC] [tuf.download] [INFO] [_download_file:745@download.py]
Downloading: http://localhost:8001/metadata/timestamp.json
[2014-04-29 02:00:32,324 UTC] [tuf.download] [INFO] [_check_downloaded_length:676@download.py]
Downloaded 544 bytes out of an upper limit of 16384 bytes.
[2014-04-29 02:00:32,324 UTC] [tuf.client.updater] [INFO] [_get_file:1189@updater.py]
Not decompressing http://localhost:8001/metadata/timestamp.json
[2014-04-29 02:00:32,331 UTC] [tuf.download] [INFO] [_download_file:745@download.py]
Downloading: http://localhost:8001/metadata/snapshot.json
[2014-04-29 02:00:32,333 UTC] [tuf.download] [INFO] [_check_downloaded_length:654@download.py]
Downloaded 1003 bytes out of the expected 1003 bytes.
[2014-04-29 02:00:32,334 UTC] [tuf.client.updater] [INFO] [_get_file:1189@updater.py]
Not decompressing http://localhost:8001/metadata/snapshot.json
[2014-04-29 02:00:32,334 UTC] [tuf.client.updater] [INFO] [_check_hashes:696@updater.py]
The file's sha256 hash is correct: 5b3aec7cf295a25e4b39d875c7474511da9645bc6d27f9e86fb7e439c82e0ec7
[2014-04-29 02:00:32,335 UTC] [tuf.client.updater] [ERROR] [_ensure_not_expired:1789@updater.py]
Metadata 'snapshot' expired on Tue Apr 29 01:59:01 2014 (UTC).
Do not request, download, and install top-level roles if the root of trust has already expired after the inital load. If requested, update an expired root role:
[2014-04-29 01:18:02,457 UTC] [tuf.client.updater] [ERROR] [_ensure_not_expired:1789@updater.py]
Metadata 'root' expired on Mon Apr 28 23:23:57 2014 (UTC).
[2014-04-29 01:18:02,458 UTC] [tuf.client.updater] [INFO] [refresh:628@updater.py]
Expired Root metadata was loaded from disk. Try to update it now.
[2014-04-29 01:18:02,458 UTC] [tuf.download] [INFO] [_download_file:745@download.py]
Downloading: http://localhost:8001/metadata/root.json
[2014-04-29 01:18:02,461 UTC] [tuf.download] [INFO] [_check_downloaded_length:676@download.py]
Downloaded 1198 bytes out of an upper limit of 512000 bytes.
[2014-04-29 01:18:02,461 UTC] [tuf.client.updater] [INFO] [_get_file:1189@updater.py]
Not decompressing http://localhost:8001/metadata/root.json
[2014-04-29 01:18:02,462 UTC] [tuf.client.updater] [ERROR] [_ensure_not_expired:1789@updater.py]
Metadata 'root' expired on Mon Apr 28 23:23:57 2014 (UTC).
Note: An expired 'root' was provided by the server. The requested root must also be signed by keys trusted by the client.
Issue #135: Duplicate signatures, rather than keys, was previously saved to metadata. libtuf.py should now store one signature per keyid. It should be noted that these duplicates were not identical, as PSS incorporates random salts and able to generate two valid signatures (and not equal) with the same key.
Issue #138: The write_partial() method added to libtuf.Repository.
Fixed a bug in load_repository() that did not properly detect some compressed delegated roles and failed to update the 'compressions' field of the Targets object.
You may argue that the redundancy is unnecessary (pun intended), but it
is there because redundancy means one safety check will work where
another fails. I introduced this redundant file length check because the
updater unit test is mocking the download functions, which means that
file length checks in the download functions are being bypassed.
Redundancy is a good thing for safety.
